This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF real webserver over HTTPS and certificates

Hi,

do I understand it right that with a real webserver and a virtual webserver both using HTTPS two certificates are used?
Like Nginx uses its own SSL-certificate and the domain has another one on Sophos UTM for the virtual webserver.
Is in that case DNAT a better way than WAF?

Maybe somebody can explain the concepts.

Ralph

This thread was automatically locked due to age.

Parents

0 DouglasFoster over 6 years ago

Not exactly. 1) configure the real webserver with a certificate. 2) Export thE certificate chain with the private key and a password. 3) import the certificate into UTM and configure it on the virtual webserver. Now UTM can impersonate the real server.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 DouglasFoster over 6 years ago

Not exactly. 1) configure the real webserver with a certificate. 2) Export thE certificate chain with the private key and a password. 3) import the certificate into UTM and configure it on the virtual webserver. Now UTM can impersonate the real server.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data